Privacy Policy

1.1 PERSONAL DATA AND SENSITIVE PERSONAL DATA

Personal data is all information related to the natural person, identified or identifiable. Examples: name, address, identification numbers (RG/ID/SSN, CPF, etc.), location data, electronic identifiers (e-mail, login, IP address, geolocation, etc.).

Sensitive personal data is all data on racial or ethnic origin, religious conviction, political opinion, membership in a trade union or organization of a religious, philosophical or political character, data relating to health or sexual life, genetic or biometric data, linked to a natural person.

1.2 WHAT ARE THE EXISTING SUBJECTS AND FIGURES IN THE GDPL?

"Data holder" is the natural person to whom the personal data that is the subject of processing refers.

"Controller" is the natural or legal person, public or private, who is responsible for the decisions regarding the processing of personal data.

"Operator" is the natural or legal person, public or private, who performs the processing of personal data on behalf of the controller.

"NDPA" is the National Data Protection Authority.

1.3 WHAT DATA DOES THIS COMPANY COLLECT FROM YOU? HOW TO KNOW?

We have a Service Channel for the Rights of the Holders that can be accessed and checked in the “summary table” of this Policy.

By contacting us, our team and in charge will review your request and respond as soon as possible.

1.4 HOW TO UPDATE YOUR PERSONAL DATA?

If you have any data that is out of date, we kindly ask you to contact our Service Channel for the Rights of the Holders and inform us what data needs to be updated (as per “summary table” of this Policy).

1.5 WHAT ARE THE RIGHTS OF DATA SUBJECTS?

The GDPL guarantees some rights to citizens, Brazilian or not, who are in Brazil: 

I. Confirmation of the existence of data processing; 

II. Access to personal data; 

III. The correction of your personal data when it is incomplete, inaccurate or outdated; 

IV. The deletion of unnecessary, excessive or unlawful personal data (except in the case where the processing is legal, even if there is no consent of the holder); 

V. Data portability to another service or product provider (respecting commercial and industrial secrets); 

VI. Information on the sharing of data with public and private entities, where it exists; 

VII. The information about non-consent (the option to not authorise the treatment and the consequences of the refusal); 

VIII. Revocation of consent; 

IX. The complaint against the data controller to the National Authority; 

X. The opposition in cases where you disagree with the treatment done without your consent and understand that it is irregular.

1.6 WHAT IS THE REASON FOR CONSENT?

Consent allows the holder to have access to the data and information relevant to the processing of his personal data, so that the answer must be clear and specific to then be made available in an appropriate manner to the holder.

1.7 HOW TO REVOKE THE CONSENT GIVEN FOR DATA PROCESSING?

Yes, at any time you may contact the Service Channel for the Rights of the Holders and request the cancellation of consent (as per “summary table” of this Policy).

1.8 WHAT ARE THE RIGHTS TO ANONYMISE, BLOCK AND DELETE PERSONAL DATA?

The anonymisation process is the technique used to remove or modify information that identifies a person. In this way, the data will be considered anonymised when it is not possible to identify the individual from the data.

In addition, when the data subject verifies that his data is being used unnecessarily, excessively or treated in non-compliance with the GDPL, he may request the anonymisation, blocking or deletion of such data, provided that the data is not used for the fulfilment of any legal obligation.

It should be reinforced that anonymisation is irreversible or difficult to reverse, since it ensures the protection of personal data, as in the cases of surveys.

1.9 OF ADS

Like other websites, we collect and use information contained in advertisements. The information contained in the ads includes your Internet Protocol (IP) address, the browser you used when visiting our website (such as Internet Explorer or Firefox), the time of your visit and which pages you visited within our website.

1.10 CORRESPONDENCE AND EXCHANGE OF INFORMATION WITH THIRD-PARTY WEBSITES

The CONTROLLER has links to other websites, which, in our view, may contain useful information / tools for our visitors. Our Privacy Policy does not apply to third party websites, so if you visit another website from ours you should read the privacy policy of the same. We are not responsible for the privacy policy or content on these sites.

1.11 COOKIES POLICY

This website uses a variety of cookies.

Some cookies personalise your access, remember your preferences or simply provide us with access statistics.

Below we provide a list of the cookies that you may find on our website and a brief description of their purpose.

1.12 FACEBOOK ADS

Facebook Ads is Facebook's media tool.

Read more at: https://www.facebook.com/policy/cookies/

1.13 GOOGLE ADS

Google Ads is Google's media tool.

Read more at: https://policies.google.com/technologies/ads?hl=pt-BR&hl=pt_BR 

1.14 GOOGLE OPTIMISE

Google Optimise is Google's tool for performing A/B testing of users' browsing.

Read more at: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

1.15 LINKEDIN ADS

LinkedIn Ads is LinkedIn's media tool.

Read more at: https://www.linkedin.com/legal/privacy-policy 

The following types of information may be collected:

2.1 INFORMATION YOU PROVIDE TO US

This includes:

• Registration data. When you register with the CONTROLLER, you provide us with information such as name, date of birth, gender, telephone number, email address.

2.2 INFORMATION GENERATED WHEN YOU USE OUR SERVICES

We collect the following generated information:

• Access records. The CONTROLLER automatically collects application access logs, which include the IP address, with date and time, used to access the CONTROLLER. These data are mandatory collection, in accordance with law 12.965/2014, but will only be provided to third parties with your express authorization or through a lawsuit.
• Communications with the CONTROLLER. When you communicate with the CONTROLLER, we collect information about your communication, including metadata such as the date, IP and time of communications and all of its content, as well as any information you choose to provide.

It is not difficult to remember, we value your privacy very much. 

Therefore, all data and information about you are treated as confidential, and we will only use them for the purposes described herein and authorised by you, mainly so that you can use the CONTROLLER fully, always aiming to improve your user experience.

3.1 Authorised uses

This way, we can use your data to:

• Allow you to access and use all features of the CONTROLLER;
• Send you messages regarding support, service, news, video, matter, communication, and the like, as well as alerts, notifications, and updates;
• Communicate with you about matters, content, products, services, promotions, news, updates, events and other matters that you may be interested in;
• Customise the service to suit your tastes and interests more and more;
• Create new services, products and features;
• We keep follow-up data for you to track your shipments;
• Detection and Prevention of fraud, spam and security incidents;
• Receiving and handling complaints;
• Verify or authenticate the information you provide, including by comparing it to data collected from other sources;
• Analyse and respond to any complaints registered on the portal;
• Select you, if you have shown interest, to participate in the company's recruitment process. 
• For any purpose you authorise at the time of data collection;
• Comply with legal obligations.

Eventually, we may use data for purposes not provided for in this privacy policy, but these will be within your legitimate expectations

Any use of your data for purposes that do not comply with this prerogative will be done with your prior authorization.

3.2 Deletion of data

All data collected will be deleted from our servers when you so request, by free and facilitated procedure, or when these are no longer necessary or relevant to offer you our services, unless there is any other reason for its maintenance, such as any legal obligation to retain data or need to preserve them to protect the rights of the CONTROLLER.

In cases where you request the deletion of your data, it will be done promptly, to the extent possible.

Exceptions to the above rule: will not be excluded those that are essential by virtue of existing and current legal relationship; that have legal provision for their maintenance; on which the GDPL is not applicable; are within prescribed deadlines provided for the maintenance of such data; those provided for maintenance according to standards approved by the NDPA (National Data Protection Authority).

Communication channel contained in the "summary table" of this Policy.

3.3. User deletion

The CONTROLLER reserves the right to exclude certain users, regardless of their type, if this Policy or the Terms of Use are not respected. 

As we value the good relationship with users, we recognise that they have the right to seek to understand the reasons and even dispute them, which can be done by the following email contained in the “summary table” of this Policy.

4.1 The CONTROLLER may share the information it collects with service providers located both in Brazil and abroad. 

4.2 The sharing of information will take place anonymously, whenever possible, in order to preserve your privacy. 

4.3 You hereby expressly authorise such shares.

4.4 All data, information and content about you may be considered active in the event of negotiations in which the CONTROLLER is a party. Therefore, we reserve the right, for example, to include your data among the assets of the company if it is sold, acquired or merged with another. By means of this Policy you agree and are aware of this possibility.

4.5 The CONTROLLER reserves the right to provide your data and information about you, including interactions with you, if it is judicially requested to do so, an act necessary for the company to comply with national laws, or if you expressly authorise it.

You may always choose not to disclose your data to us, but keep in mind that some of this data may be necessary to use the functionality of our applications. Regardless of this, you will always have rights regarding the privacy and protection of your personal data. 

Thus, below we summarise all the rights you have under the Brazilian sectoral laws regarding data protection and the General Data Protection Law ("GDPL"), whatever they are:

5.1 Right of access. This right allows you to request and receive a copy of the personal data we hold about you.

5.2 Right of rectification. This right allows you, at any time, to request the correction and/or rectification of your personal data, if you identify that some of them are incorrect. However, in order for this correction to be effective, we will have to check the validity of the data you provide to us. You can directly rectify some of your personal data according to the communication channel contained in the "summary table" of this Policy.

5.3 Right of deletion. This right allows you to ask us to delete the personal data we hold about you. All data collected will be deleted from our servers when you so request or when these are no longer necessary or relevant to offer you our services, unless there is any other reason for its maintenance, such as any legal obligation to retain data or the need to preserve them to protect the rights of the CONTROLLER. To change your personal information or delete it from our database, simply email the communication channel contained in the “summary box” of this Policy.

5.4 Right to object to processing. You also have the right to object where and in what context we are processing your personal data for different purposes. In certain situations, we may demonstrate that we have legitimate grounds to process your data, which override your rights, if, for example, it is essential for the provision of our applications.

5.5 Right to request anonymisation, blocking or deletion. This right allows you to ask us to suspend the processing of your personal data in the following scenarios:

A. If you want us to establish the accuracy of the data; 

B. When you need the data to be retained even if we no longer need it, as necessary, to establish, exercise or defend legal claims; or 

C. If you have objected to the use of your data, but in this case we need to check whether we have legitimate reasons to use it.

5.6 Right to portability. We will provide you, or third parties you have chosen, with your personal data in a structured and interoperable format. 

5.7 Right to withdraw your consent. You have the right to withdraw your consent to the terms of this Privacy Policy. However, this will not affect the legality of any processing carried out previously. If you withdraw your consent, we may not be able to provide certain services.

5.8 Right to review automated decisions. You also have the right to request the review of decisions made solely on the basis of automated processing of your personal data that affect your interests, including decisions aimed at defining personal, professional, consumer and credit profiles and/or aspects of your personality.

5.9 We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise your other rights). This is a security measure to ensure that personal data is not disclosed to anyone who does not have the right to receive it. We may also contact you for more information regarding your request in order to expedite our response. 

5.10 Response times: as per information in the " summary table” of this Policy.

5.11 If you have any questions about these issues and how you can exercise these rights, please feel free to contact us by email as per the communication channel contained in the “summary table” of this Policy.

6.1 All your data is confidential and only people with the proper authorizations will have access to it. 

6.2 Any use of these will be in accordance with this Policy. The CONTROLLER will use all reasonable market efforts to ensure the security of our systems and your data. 

6.3 Our servers are located in different locations to ensure stability and security, and can only be accessed through previously authorised communication channels.

6.4 All your information will be, whenever possible, encrypted, if it does not prevent its use by the platform. At any time you may request a copy of your data stored on our systems. 

6.5 We will retain the data and information only until such time as it is necessary or relevant for the purposes described in this Policy, or in the case of periods predetermined by law, or until such time as these are necessary for the maintenance of legitimate interests of the CONTROLLER.

6.6 The CONTROLLER considers your privacy to be extremely important and will do everything in its power to protect it. However, we cannot guarantee that all data and information about you on our platform will be free from unauthorised access, especially if there is improper sharing of the credentials necessary to access our application. Therefore, you are solely responsible for keeping your access password in a secure place and it is forbidden to share it with third parties. You agree to notify us immediately, through the communication channel contained in the "summary table" of this Policy, of any unauthorised use of your account, as well as unauthorised access by third parties to it.

7.1 The CONTROLLER reserves the right to change this Policy as often as necessary in order to provide you with more security, convenience, and increasingly improve your experience. 

7.2 That is why it is very important to access our Policy periodically. For ease, we indicate at the beginning of the document the date of the last update. 

7.3 If material changes are made that give rise to new authorizations from you, we will publish a new privacy policy, subject again to your consent.

8.1 This document is governed by and shall be construed in accordance with the laws of the Federative Republic of Brazil. 

8.2 It is elected the Forum of the region contained in the “summary table”, as the competent to settle any issues perhaps arising from this document, with Express renunciation of any other, however privileged it may be.